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(57) A system and method for searching and retriev- 
ing certificates, which may be used in the processing of 
encoded messages. In one broad aspect, a message 
management server generates certificate identification 
data from a message that uniquely identifies a certificate 
associated with the message. The certificate identifica- 
tion data can then be used to determine whether a given 
located certificate retrieved from one or more certificate 
servers in response to a certificate search request is the 
certificate associated with the message. Only the certif- 
icate identification data is needed to facilitate the deter- 
mination at a user's computing device (e.g. a mobile de- 
vice), alleviating the need for the user to download the 
entire message to the computing device in order to make 
the determination. 
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Description 

[0001] The invention relates generally to the process- 
ing of nnessages, such as e-mail messages, and more 
specifically to a system and method for searching and 
retrieving certificates used in the processing of encoded 
messages. 

Background of the Invention 

[0002] Electronic mail ("e-mail") messages maybe en- 
coded using one of a number of known protocols. Some 
of these protocols, such as Secure Multiple Internet Mail 
Extensions ("S/MIME") for example, rely on public and 
private encryption keys to provide confidentiality and in- 
tegrity, and on a Public Key Infrastructure (PKI) to com- 
municate information that provides authentication and 
authorization. Data encrypted using a private key of a 
private key/public key pair can only be decrypted using 
the corresponding public key of the pair, and vice-versa. 
The authenticity of public keys used in the encoding of 
messages is validated using certificates. In particular, if 
a user of a computing device wishes to encrypt a mes- 
sage before the message is sent to a particular individual, 
the user will require a certificate for that individual. That 
certificate will typically comprise the public key of the in- 
dividual, as well as other identification-related informa- 
tion. Similarly, if a user of a computing device wishes to 
authenticate the sender of a signed message, the user 
will require a certificate for that sender. 
[0003] If the requisite certificate is not already stored 
on the user's computing device, the certificate must first 
be retrieved. Searching for and retrieving a specific cer- 
tificate is a process that generally involves querying a 
certificate server by having the user manually enter the 
name and/or e-mail address of the individual for which a 
certificate is requested in a search form displayed on the 
computing device. Generally, certificates located in the 
search are then temporarily downloaded to the comput- 
ing device for consideration, and a list of located certifi- 
cates may then be displayed to the user. Selected cer- 
tificates in the list may then be manually identified by a 
user for storage in a non-volatile store of the computing 
device, for potential future use. 

[0004] Consider an implementation where the user's 
computing device is a mobile device. When a message 
is received at a message server and is made available 
for downloading to the mobile device, the message is 
typically only transmitted to the mobile device in succes- 
sive data blocks of a pre-defined size, in order to con- 
serve bandwidth. More specifically, a first block of the 
message (e.g. 2 KB of data) Is downloaded to the mobile 
device, and if the user wishes to receive more of the 
message, the user can request that further blocks be 
downloaded to the mobile device, until the entire mes- 
sage has been downloaded to the mobile device or until 
some pre-defined limit on the message download is 
reached. 



[0005] If the received message is a signed S/MIME 
message, for example, in order to verify the integrity of 
the message and authenticate the identity of the sender, 
the certificate of the sender is required. In some cases, 
5 the requisite certificate may accompany the message, 
with the certificate typically being attached to the end of 
the message. Alternatively, the requisite certificate may 
not accompany the message, but one or more certificate 
identifiers that identify the certificate used in the signing 
^0 is provided, also typically at the end of the message. The 
identified certificate can then be retrieved from either a 
certificate store on the mobile device if the certificate is 
already stored therein, or a certificate server from which 
the certificate can be downloaded as noted above. 
15 [0006] In order to obtain the certificate orthe certificate 
identifiers for a message, the entire message must typ- 
ically be downloadedtothe mobile device. Unfortunately, 
downloading entire messages simply to retrieve the cer- 
tificate information can be a time-consuming and expen- 
se sive task (e.g. with respect to bandwidth). On the other 
hand, if only a small part of the message has been down- 
loaded to the mobile device, or if the message is too long 
and cannot be downloaded to the mobile device due to 
an imposed limit, it may not be possible to identify the 
25 certificate that is required to verify the Integrity of the re- 
ceived message and to authenticate the identity of the 
sender with any certainty. 

Summary of the Invention 

30 

[0007] Embodiments of the invention are generally di- 
rected to a system and method for more efficiently 
searching and retrieving certificates, in which the requi- 
site certificate can be identified without requiring the 
35 sender's message to be downloaded in its entirety to the 
user's computing device (e.g. a mobile device). In par- 
ticular, the system and method facilitates a determination 
of the requisite certificate from certificates located in a 
search of one or more certificate servers. 
40 [0008] In one broad aspect of the invention, there is 
provided a method of searching and retrieving certificates 
relating to a message received by a user from a sender, 
the message comprising data identifying a sender certif- 
icate associated therewith, wherein certificate identifica- 
45 tion data that uniquely identifies the sender certificate 
can be generated from the message, and wherein the 
method comprises the steps of: receiving at least a part 
of the message and certificate identification data at a 
computing device; providing a certificate search request 
50 for certificates associated with the sender; performing a 
search on one or more certificate servers, wherein at 
least one query is submitted to the one or more certificate 
servers to request retrieval of located certificates satis- 
fying the certificate search request; retrieving at least one 
55 located certificate from the one or more certificate serv- 
ers; processing each located certificate retrieved, using 
the certificate identification data, to determine If the re- 
spective located certificate is the sender certificate as- 
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sociated with the message; and storing a located certif- 
icate on the computing device, if the located certificate 
is the sender certificate associated with the message as 
determined at the determining step. 
[0009] In another broad aspect, the generated certifi- 
cate identification data includes a serial number and is- 
suer data for the sender certificate; and the processing 
step comprises parsing each located certificate retrieved 
to obtain the respective serial number and issuer data, 
and comparing the respective serial number and issuer 
data to the certificate identification data. 
[0010] In another broad aspect, the generated certifi- 
cate identification data includes a hash of at least a part 
of the sender certificate; and the processing step com- 
prises applying a hash algorithm to each located certifi- 
cate retrieved to obtain the respective hash, and com- 
paring the respective hash to the certificate identification 
data. 

[001 1] In another broad aspect of the invention, there 
is provided a system for searching and retrieving certifi- 
cates relating to a message received by a user from a 
sender, the message comprising data identifying a send- 
er certificate associated therewith, the system compris- 
ing: a message management server adapted to generate 
certificate identification data from the message, wherein 
the certificate identification data uniquely identifies the 
sender certificate; a mobile device adapted to receive at 
least a part of the message, and the certificate identifi- 
cation data, from the message management server and 
a mobile data server adapted to receive a search request 
for certificates associated with the senderf rom the mobile 
device, perform a search on one or more certificate serv- 
ers by querying the one or more certificate servers for 
located certificates satisfying the search request, and re- 
trieve located certificates from the one or more certificate 
servers; wherein at least one of the mobile device and 
the mobile data server is further adapted to process each 
located certificate retrieved at the mobile data server to 
detemnine, using the certification identification data, if the 
respective located certificate is the sender certificate as- 
sociated with the message; and wherein the mobile de- 
vice provides one or more certificate stores to store a 
located certif icate determined to be the sender certificate 
associated with the message. 

[0012] In another broad aspect, there is provided a 
method of searching and retrieving certificates relating 
to a message received by a user from a sender, the mes- 
sage comprising data identifying a sender certificate as- 
sociated therewith, wherein the method comprises the 
steps of: generating certificate identification data for the 
sender certificate from the data in the received message 
identifying the sender certificate, wherein the certificate 
identification data uniquely identifies the sender certifi- 
cate; receiving certificate identification data at a comput- 
ing device; and determining whether the sender certifi- 
cate is stored on the computing device, by generating 
certificate identification data associated with each of a 
plurality of certificates stored on the computing device. 



and comparing generated certificate identification data 
for each of the plurality of stored certificates to the cer- 
tificate identification data generated for the sender cer- 
tificate to identify a stored certificate matching the sender 
5 certificate. 

Brief Description of the Drawings 

[0013] For a better understanding of embodiments of 
^0 the invention, and to show more clearly how it may be 

carried into effect, reference will now be made, by way 
of example, to the accompanying drawings in which: 

FIG. 1 is a block diagram of a mobile device in one 
15 example implementation; 

FIG. 2 is a block diagram of a communication sub- 
system component of the mobile device of FIG. 1 ; 

20 FIG. 3 is a block diagram of a node of a wireless 
network; 

FIG. 4 is a block diagram illustrating components of 
a host system in one example configuration; 

25 

FIG. 5 is a block diagram showing an example of a 
certificate chain; 

FIG. 6 is a block diagram illustrating components of 
30 an example of an encoded message; 

FIG. 7 A is a flowchart illustrating steps in a method 
of searching and retrieving certificates in an embod- 
iment of the invention; and 

35 

FIG. 7B is a flowchart illustrating steps in a method 
of searching and retrieving certificates in another 
embodiment of the invention. 

40 Detailed Description of Embodiments of the Invention 

[001 4] Some embodiments of the invention make use 
of a mobile station. A mobile station is a two-way com- 
munication device with advanced data communication 

45 capabilities having the capability to communicate with 
other computer systems, and is also referred to herein 
generally as a mobile device. A mobile device may also 
include the capability for voice communications. Depend- 
ing on the functionality provided by a mobile device, it 

50 may be referred to as a data messaging device, a 
two-way pager, a cellular telephone with data messaging 
capabilities, a wireless Internet appliance, or a data com- 
munication device (with or without telephony capabili- 
ties). A mobile device communicates with other devices 

55 through a network of transceiver stations. 

[001 5] To aid the reader in understanding the structure 
of a mobile device and how it communicates with other 
devices, reference is made to FIGS. 1 through 3. 
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[0Q16] Referring first to FIG. 1, a blocl< diagram of a 
mobile device in one example implementation is shown 
generally as 1 00. Mobile device 1 00 comprises a number 
of components, the controlling component being micro- 
processor 102. Microprocessor 102 controls the overall 
operation of mobile device 100. Communication func- 
tions, including data and voice communications, are per- 
formed through communication subsystem 104. Com- 
munication subsystem 1 04 receives messages from and 
sends messages to a wireless network 200. In this ex- 
ample implementation of mobile device 100, communi- 
cation subsystem 104 is configured in accordance with 
the Global System for Mobile Communication (GSM) and 
General Packet Radio Services (GPRS) standards. The 
GSM/GPRS wireless network is used worldwide and it 
is expected that these standards will be superseded 
eventually by Enhanced Data GSM Environment (EDGE) 
and Universal Mobile Telecommunications Service 
(UMTS). New standards are still being defined, but it is 
believed that they will have similarities to the network 
behaviourdescribed herein, and it will also be understood 
by persons skilled in the art that the Invention is intended 
to use any other suitable standards that are developed 
in the future. The wireless link connecting communication 
subsystem 1 04 with network 200 represents one or more 
different Radio Frequency (RF) channels, operating ac- 
cording to defined protocols specified for GSM/GPRS 
communications. With newer network protocols, these 
channels are capable of supporting both circuit switched 
voice communications and packet switched data com- 
munications. 

[001 7] Although the wireless network associated with 
mobile device 100 is a GSM/GPRS wireless network in 
one example implementation of mobile device 1 00, other 
wireless networks may also be associated with mobile 
device 1 00 in variant implementations. Different types of 
wireless networks that may be employed include, for ex- 
ample, data-centric wireless networks, voice-centric 
wireless networks, and dual-mode networks that can 
support both voice and data communications over the 
same physical base stations. Combined dual-mode net- 
works include, but are not limited to. Code Division Mul- 
tiple Access (CDMA) or CDMA2000 networks, GSM/ 
GPRS networks (as mentioned above), and future 
third-generation (3G) networks like EDGE and UMTS. 
Some older examples of data-centric networks include 
the Mobitex'TM Radio Network and the DataTACrw Radio 
Network. Examples of older voice-centric data networks 
include Personal Communication Systems (PCS) net- 
works like GSM and Time Division Multiple Access (TD- 
MA) systems. 

[0018] Microprocessor 102 also interacts with addi- 
tional subsystems such as a Random Access Memory 
(RAM) 106, flash memory 108, display 110, auxiliary in- 
put/output (I/O) subsystem 112, serial port 1 1 4, keyboard 
1 1 6, speaker 1 1 8, microphone 1 20, short-range commu- 
nications 122 and other devices 124. 
[001 9] Some of the subsystems of mobile device 1 00 



perfomn communication-related functions, whereas oth- 
er subsystems may provide "residenf or on-device func- 
tions. By way of example, display 1 1 0 and keyboard 1 1 6 
may be used for both communication-related functions, 

5 such as entering a text message for transmission over 
network 200, and device-resident functions such as a 
calculator or task list. Operating system software used 
by microprocessor 1 02 Is typically stored in a persistent 
store such as flash memory 1 08, which may alternatively 

^0 be a read-only memory (ROM) or similar storage element 
(not shown). Those skilled in the art will appreciate that 
the operating system, specific device applications, or 
parts thereof, may be temporarily loaded into a volatile 
store such as RAM 106. 

15 [0020] Mobile device 1 00 may send and receive com- 
munication signals over network 200 after required net- 
work registration or activation procedures have been 
completed. Network access is associated with a sub- 
scriber or user of a mobile device 1 00. To identify a sub- 

20 scriber, mobile device 1 00 requires a Subscriber Identity 
Module or"SIM" card 126to be inserted in a SIM interface 
128 in order to communicate with a network. SIM 126 is 
one type of a conventional "smart card" used to identify 
a subscriber of mobile device 1 00 and to personalize the 

25 mobile device 1 00, among otherthings. Without SIM 1 26, 
mobile device 100 Is not fully operational for communi- 
cation with network 200. By inserting SIM 126 into SIM 
interface 128, a subscriber can access all subscribed 
services. Services could include: web browsing and mes- 

30 saging such as e-mail, voice mail. Short Message Serv- 
ice (SMS), and Multimedia Messaging Services (MMS). 
More advanced services may include: point of sale, field 
service and sales force automation. SIM 126 includes a 
processor and memory for storing information. Once SIM 

35 126 is inserted in SIM interface 128, it is coupled to mi- 
croprocessor 1 02. In orderto identify the subscriber, SIM 
1 26 contains some user parameters such as an Interna- 
tional Mobile Subscriber Identity (IMSI). An advantage 
of using SIM 126 is that a subscriber is not necessarily 

40 bound by any single physical mobile device. SIM 126 
may store additional subscriber information for a mobile 
device as well, including datebook (or calendar) informa- 
tion and recent call information. 
[0021 ] Mobile device 1 00 is a battery-powered device 

45 and includes a battery interface 132 for receiving one or 
more rechargeable batteries 130. Battery interface 132 
is coupled to a regulator (not shown), which assists bat- 
tery 130 in providing power V+ to mobile device 100. 
Although current technology makes use of a battery, fu- 

50 ture technologies such as micro fuel cells may provide 
the power to mobile device 1 00. 
[0022] Microprocessor 1 02, in addition to its operating 
system functions, enables execution of software appli- 
cations on mobile device 100. A set of applications that 

55 control basic device operations. Including data and voice 
communication applications, will normally be Installed on 
mobile device 100 during its manufacture. Another ap- 
plication that may be loaded onto mobile device 100 
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would be a personal information nnanager (PIM). A PIM 
has functionality to organize and manage data items of 
interestto a subscriber, such as, but not limited to, e-mail, 
calendar events, voice mails, appointments, and task 
items. A PIIVI application has the ability to send and re- 
ceive data items via wireless network200. PIM data items 
may be seamlessly integrated, synchronized, and updat- 
ed via wireless network 200 with the mobile device sub- 
scriber's corresponding data items stored and/or asso- 
ciated with a host computer system. This functionality 
creates a mirrored host computer on mobile device 1 00 
with respect to such items. This can be particularly ad- 
vantageous where the host computer system is the mo- 
bile device subscriber's office computer system. 
[0023] Additional applications may also be loaded onto 
mobile device 1 0Othrough network200, auxiliary l/Osub- 
system 1 1 2, serial port 1 1 4, short-range communications 
subsystem 122, or any other suitable subsystem 124. 
This flexibility in application installation increases the 
functionality of mobile device 100 and may provide en- 
hanced on-device functions, communication-related 
functions, or both. For example, secure communication 
applications may enable electronic commerce functions 
and other such financial transactions to be performed 
using mobile device 100. 

[0024] Serial port 11 4 enables a subscriber to set pref- 
erences through an external device or software applica- 
tion and extends the capabilities of mobile device 1 00 by 
providing for information or software downloads to mobile 
device 1 00 otherthan through a wireless communication 
network. The alternate download path may, for example, 
be used to load an encryption key onto mobile device 
100 through a direct and thus reliable and trusted con- 
nection to provide secure device communication. 
[0025] Short-range communications subsystem 122 
provides for communication between mobile device 100 
and different systems or devices, without the use of net- 
work 200. For example, subsystem 122 may include an 
infrared device and associated circuits and components 
for short-range communication. Examples of short range 
communication would include standards developed by 
the Infrared Data Association (IrDA), Bluetooth, and the 
802.1 1 family of standards developed by IEEE. 
[0026] In use, a received signal such as a text mes- 
sage, an e-mail message, or web page download will be 
processed by communication subsystem 104 and input 
to microprocessor 102. Microprocessor 102 will then 
process the received signal for output to display 1 10 or 
alternatively to auxiliary I/O subsystem 11 2. A subscriber 
may also compose data Items, such as e-mail messages, 
for example, using keyboard 1 1 6 in conjunction with dis- 
play 1 1 0 and possibly auxiliary I/O subsystem 112. Aux- 
iliary subsystem 112 may include devices such as: a 
touch screen, mouse, track ball, infrared fingerprint de- 
tector, or a roller wheel with dynamic button pressing 
capability. Keyboard 116 is an alphanumeric keyboard 
and/ortelephone-type keypad. A composed item may be 
transmitted over network 200 through communication 



subsystem 104. 

[0027] For voice communications, the overall opera- 
tion of mobile device 100 is substantially similar, except 
that the received signals would be output to speaker 1 1 8, 

5 and signals for transmission would be generated by mi- 
crophone 1 20. Alternative voice oraudio I/O subsystems, 
such as a voice message recording subsystem, may also 
be implemented on mobile device 100. Although voice 
or audio signal output is accomplished primarily through 

^0 speaker 1 1 8, display 1 1 0 may also be used to provide 
additional information such as the identity of a calling 
party, duration of a voice call, or other voice call related 
information. 

[0028] Referring now to FIG. 2, a block diagram of the 
15 communication subsystem component 104 of FIG. 1 is 
shown. Communication subsystem 104 comprises a re- 
ceiver 150, a transmitter 152, one or more embedded or 
internal antenna elements 154, 156, Local Oscillators 
(LOs) 158, and a processing module such as a Digital 
20 Signal Processor (DSP) 1 60. 

[0029] The particular design of communication sub- 
system 104 is dependent upon the network 200 in which 
mobile device 100 is intended to operate, thus it should 
be understood that the design illustrated in FIG. 2 serves 
25 only as one example. Signals received by antenna 154 
through network 200 are inputto receiver 1 50, which may 
perform such common receiver functions as signal am- 
plification, frequency down conversion, filtering, channel 
selection, and analog-to-digital (A/D) conversion. A/D 
30 conversion of a received signal allows more complex 
communication functions such as demodulation and de- 
coding to be performed in DSP 1 60. In a similar manner, 
signals to be transmitted are processed, including mod- 
ulation and encoding, by DSP 160. These DSP-proc- 
35 essed signals are input to transmitter 152 for digit- 
al-to-analog (D/A) conversion, frequency up conversion, 
filtering, amplification and transmission over network200 
via antenna 156. DSP 160 not only processes commu- 
nication signals, but also provides for receiver and trans- 
it? mitter control. For example, the gains applied to commu- 
nication signals in receiver 150 and transmitter 152 may 
be adaptively controlled through automatic gain control 
algorithms implemented in DSP 160. 
[0030] The wireless link between mobile device 100 
45 and a network 200 may contain one or more different 
channels, typically different RFchannels, and associated 
protocols used between mobile device 100 and network 
200. A RF channel is a limited resource that must be 
conserved, typically due to limits in overall bandwidth and 
50 limited battery power of mobile device 1 00. 

[0031] When mobile device 100 is fully operational, 
transmitter 1 52 is typically keyed or turned on only when 
it is sending to network 200 and is otherwise turned off 
to conserve resources. Similarly, receiver 150 is period- 
55 ically turned off to conserve power until it is needed to 
receive signals or information (if at all) during designated 
time periods. 

[0032] Referring now to FIG. 3, a block diagram of a 
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node of a wireless network is shown as 202. In practice, 
network 200 comprises one or nnore nodes 202. Mobile 
device 100 connmunicates witli a node 202 within wire- 
less network 200. In the example implementation of FIG. 
3, node 202 is configured in accordance with General 
Packet Radio Service (GPRS) and Global Systems for 
Mobile (GSM) technologies. Node 202 includes a base 
station controller (BSC) 204 with an associated tower 
station 206, a Packet Control Unit (PCU) 208 added for 
G PRS support in GSM, a Mobile Switching Center (MSC) 
210, a Home Location Register (HLR) 212, a Visitor Lo- 
cation Registry (VLR) 214, a Serving GPRS Support 
Node (SGSN) 216, a Gateway GPRS Support Node 
(GGSN)21 8, and a Dynamic Host Configuration Protocol 
(DHCP) 220. This list of components is not meant to be 
an exhaustive list of the components of every node 202 
within a GSM/GPRS network, but rather a list of compo- 
nents that are commonly used in communications 
through network 200. 

[0033] In a GSM network, MSC 21 0 is coupled to BSC 

204 and to a landline network, such as a Public Switched 
Telephone Network (PSTN) 222 to satisfy circuit 
switched requirements. The connection through PCU 
208, SGSN 216 and GGSN 218 to the public or private 
network (Internet) 224 (also referred to herein generally 
as a shared network infrastructure) represents the data 
path for GPRS capable mobile devices. In a GSM net- 
work extended with GPRS capabilities, BSC 204 also 
contains a Packet Control Unit (PCU) 208 that connects 
to SGSN 216 to control segmentation, radio channel al- 
location and to satisfy packet switched requirements. To 
track mobile device location and availability for both cir- 
cuit switched and packet switched management, HLR 
21 2 is shared between MSC 21 0 and SGSN 21 6. Access 
to VLR 214 is controlled by MSC 21 0. 
[0034] Station 206 is a fixed transceiver station. Station 
206 and BSC 204 together form the fixed transceiver 
equipment. The fixed transceiver equipment provides 
wireless network coverage for a particular coverage area 
commonly referred to as a "cell". The fixed transceiver 
equipment transmits communication signals to and re- 
ceives communication signals from mobile devices within 
its cell via station 206. The fixed transceiver equipment 
normally performs such functions as modulation and pos- 
sibly encoding and/or encryption of signals to be trans- 
mitted to the mobile device in accordance with particular, 
usually predetermined, communication protocols and pa- 
rameters, under control of its controller. The fixed trans- 
ceiver equipment similarly demodulates and possibly de- 
codes and decrypts, if necessary, any communication 
signals received from mobile device 1 00 within its cell. 
Communication protocols and parameters may vary be- 
tween different nodes. For example, one node may em- 
ploy a different modulation scheme and operate at dif- 
ferent frequencies than other nodes. 
[0035] For all mobile devices 1 00 registered with a spe- 
cific network, permanent configuration data such as a 
user profile is stored in HLR 21 2. HLR 21 2 also contains 



location information for each registered mobile device 
and can be queried to determine the current location of 
a mobile device. MSC 21 0 is responsible for a group of 
location areas and stores the data of the mobile devices 

5 currently in its area of responsibility in VLR 214. Further 
VLR 214 also contains infonriation on mobile devices 
that are visiting other networks. The information in VLR 
214 includes part of the permanent mobile device data 
transmitted from HLR 212 to VLR 21 4 for faster access. 

^0 By moving additional information from a remote HLR 21 2 
node to VLR 214, the amount of traffic between these 
nodes can be reduced so that voice and data services 
can be provided with faster response times and at the 
same time requiring less use of computing resources. 

15 [0036] SGSN 21 6 and GGSN 21 8 are elements added 
for GPRS support; namely packet switched data support, 
within GSM. SGSN 216 and MSC 210 have similar re- 
sponsibilities within wireless network 200 by keeping 
track of the location of each mobile device 1 00. SGSN 

20 21 6 also performs security functions and access control 
for data traffic on network 200. GGSN 218 provides in- 
ternetworking connections with external packet switched 
networks and connects to one or more SGSN's 216 via 
an Internet Protocol (IP) backbone network operated 

25 within the network 200. During normal operations, a given 
mobile device 1 00 must perform a "GPRS Attach" to ac- 
quire an IP address and to access data services. This 
requirement is not present in circuit switched voice chan- 
nels as Integrated Services Digital Network (ISDN) ad- 

30 dresses are used for routing incoming and outgoing calls. 
Currently, all GPRS capable networks use private, dy- 
namically assigned IP addresses, thus requiring a DHCP 
server 220 connected to the GGSN 21 8. There are many 
mechanismsfor dynamic IP assignment, including using 

35 a combination of a Remote Authentication Dial-In User 
Service (RADIUS) server and DHCP server. Once the 
GPRS Attach is complete, a logical connection is estab- 
lished from a mobile device 100, through PCU 208, and 
SGSN 21 6 to an Access Point Node (APN) within GGSN 

40 218. The APN represents a logical end of an IP tunnel 
that can either access direct Internet compatible services 
or private network connections. The APN also represents 
a security mechanism for network 200, insofar as each 
mobile device 1 00 must be assigned to one or more APNs 

45 and mobile devices 100 cannot exchange data without 
first performing a GPRS Attach to an APN that it has been 
authorized to use. The APN may be considered to be 
similar to an Internet domain name such as "myconnec- 
tion.wireless.com". 

50 [0037] Once the GPRS Attach is complete, a tunnel is 
created and all traffic is exchanged within standard IP 
packets using any protocol that can be supported in IP 
packets. This includes tunneling methods such as I P over 
IP as in the case with some IPSecurity (IPsec) connec- 

55 tions used with Virtual Private Networks (VPN). These 
tunnels are also referred to as Packet Data Protocol 
(PDP) Contexts and there are a limited number of these 
available in the network 200. To maximize use of the 
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PDP Contexts, network 200 will run an Idle timerfor each 
PDP Context to determine if there is a lack of activity. 
When a mobile device 100 is not using its PDP Context, 
the PDP Context can be deallocated and the IP address 
returned to the I P address pool managed by DHCP server 
220. 

[0038] Referring now to FIG. 4, a block diagram illus- 
trating components of a host system in one example con- 
figuration is shown. Host system 250 will typically be a 
corporate office or other local area network (LAN), but 
may instead be a home office computer or some other 
private system, for example, in variant implementations. 
In this example shown in FIG. 4, host system 250 is de- 
picted as a LAN of an organization to which a user of 
mobile device 100 belongs. 

[0039] LAN 250 comprises a number of network com- 
ponents connected to each other by LAN connections 
260. For instance, a user's desktop computer 262a with 
an accompanying cradle 264 for the user's mobile device 
1 00 is situated on LAN 250. Cradle 264 for mobile device 
100 may be coupled to computer 262a by a serial or a 
Universal Serial Bus (USB) connection, for example. Oth- 
er user computers 262b are also situated on LAN 250, 
and each may or may not be equipped with an accom- 
panying cradle 264 for a mobile device. Cradle 264 fa- 
cilitates the loading of information (e.g. PIM data, private 
symmetric encryption keys to facilitate secure communi- 
cations between mobile device 1 00 and LAN 250) from 
user computer 262a to mobile device 1 00, and may be 
particularly useful for bulk information updates often per- 
formed in initializing mobile device 100 for use. The in- 
formation downloaded to mobile device 1 00 may include 
certificates used in the exchange of messages. It will be 
understood by persons skilled in the art that user com- 
puters 262a, 262b will typically be also connected to other 
peripheral devices not explicitly shown in FIG. 4. 
[0040] Embodiments of the invention relate generally 
to the processing of messages, such as e-mail messag- 
es, and some embodiments relate generally to the com- 
munication of such messages to and from mobile device 
100. Accordingly, only a subset of network components 
of LAN 250 are shown in FIG. 4 for ease of exposition, 
and it will be understood by persons skilled in the art that 
LAN 250 will comprise additional components not explic- 
itly shown in FIG. 4, for this example configuration. More 
generally, LAN 250 may represent a smaller part of a 
larger network [not shown] of the organization, and may 
comprise different components and/or be arranged in dif- 
ferent topologies than that shown in the example of FIG. 
4. 

[0041] In this example, mobile device 100 communi- 
cates with LAN 250 through a node 202 of wireless net- 
work 200 and a shared network infrastructure 224 such 
as a service provider network or the public Internet. Ac- 
cess to LAN 250 may be provided through one or more 
routers [not shown], and computing devices of LAN 250 
may operate from behind a firewall or proxy server 266. 
[0042] In a variant implementation, LAN 250 compris- 



es a wireless VPN router [not shown] to facilitate data 
exchange between the LAN 250 and mobile device 1 00. 
The concept of a wireless VPN router is new in the wire- 
less industry and implies that a VPN connection can be 

5 established directly through a specific wireless network 
to mobile device 1 00. The possibility of using a wireless 
VPN router has only recently been available and could 
be used when the new Internet Protocol (IP) Version 6 
(IPV6) arrives into IP-based wireless networks. This new 

^0 protocol will provide enough I P addresses to dedicate an 
IP address to every mobile device, making it possible to 
push information to a mobile device at any time. An ad- 
vantage of using a wireless VPN router is that it could be 
an off-the-shelf VPN component, not requiring a separate 

15 wireless gateway and separate wireless infrastructure to 
be used. A VPN connection would preferably be a Trans- 
mission Control Protocol (TCP)/IP or User Datagram Pro- 
tocol (UDP)/IP connection to deliver the messages di- 
rectly to mobile device 1 00 in this variant implementation. 

20 [0043] Messages intended for a user of mobile device 
1 00 are initially received by a message server 268 of 
LAN 250. Such messages may originate from any of a 
number of sources. For instance, a message may have 
been sent by a sender from a computer 262b within LAN 

25 250, from a different mobile device [not shown] connect- 
ed to wireless network 200 or to a different wireless net- 
work, orf rom a different computing device or other device 
capable of sending messages, via the shared network 
infrastructure 224, and possibly through an application 

30 service provider (ASP) or Internet service provider (ISP), 
for example. 

[0044] Message server 268 typically acts as the pri- 
mary interface forthe exchange of messages, particularly 
e-mail messages, within the organization and over the 

35 shared network infrastructure 224. Each user in the or- 
ganization that has been set up to send and receive mes- 
sages is typically associated with a user account man- 
aged by message server268. One example of a message 
server 268 is a Microsoft Exchange™ Server. In some 

40 implementations, LAN 250 may comprise multiple mes- 
sage servers 268. Message server 268 may also be 
adapted to provide additional functions beyond message 
management, including the management of data asso- 
ciated with calendars and task lists, for example. 

45 [0045] When messages are received by message 
server 268, they are typically stored in a message store 
[not explicitly shown], from which messages can be sub- 
sequently retrieved and delivered to users. For instance, 
an e-mail client application operating on a user's com- 

50 puter 262a may request the e-mail messages associated 
with that user's account stored on message server 268. 
These messages would then typically be retrieved from 
message server 268 and stored locally on computer 
262a. 

55 [0046] When operating mobile device 100, the user 
may wish to have e-mail messages retrieved for delivery 
to the handheld. An e-mail client application operating 
on mobile device 100 may also request messages asso- 
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ciated with the user's account from message server 268. 
The e-mail client may be configured (either by the user 
or by an administrator, possibly in accordance with an 
organization's information technology (IT) policy) to 
make this request at the direction of the user, at some 
pre-defined time interval, or upon the occurrence of some 
pre-defined event. In some implementations, mobile de- 
vice 100 is assigned its own e-mail address, and mes- 
sages addressed specifically to mobile device 100 are 
automatically redirected to mobile device 1 00 as they are 
received by message server 268. 
[0047] To facilitate the wireless communication of 
messages and message-related data between mobile 
device 100 and components of LAN 250, a number of 
wireless communications support components 270 may 
be provided. In this example implementation, wireless 
communications support components 270 comprise a 
message management server 272, for example. Mes- 
sage management server 272 is used to specifically pro- 
vide support for the management of messages, such as 
e-mail messages, that are to be handled by mobile de- 
vices. Generally, while messages are still stored on mes- 
sage server 268, message management server 272 can 
be used to control when, if, and how messages should 
be sent to mobile device 100. Message management 
server 272 also facilitates the handling of messages com- 
posed on mobile device 1 00, which are sent to message 
server 268 for subsequent delivery. 
[0048] For example, message management server 
272 may: monitor the user's "mailbox" (e.g. the message 
store associated with the user's account on message 
server 268) for new e-mail messages; apply user-defin- 
able filters to new messages to detemiine if and how the 
messages will be relayed to the user's mobile device 1 00; 
compress and encrypt new messages (e.g. using an en- 
cryption technique such as Data Encryption Standard 
(DES) or Triple DES) and push them to mobile device 
100 via the shared network infrastructure 224 and wire- 
less network 200; and receive messages composed on 
mobile device 1 00 (e.g. encrypted using Triple DES), de- 
crypt and decompress the composed messages, re-for- 
mat the composed messages if desired so that they will 
appearto have originated from the user's computer 262a, 
and re-route the composed messages to message server 
268 for delivery. 

[0049] Certain properties or restrictions associated 
with messages that are to be sent from and/or received 
by mobile device 100 can be defined (e.g. by an admin- 
istrator in accordance with IT policy) and enforced by 
message management server 272. These may include 
whethermobile device 1 00 may receive encrypted and/or 
signed messages, minimum encryption key sizes, wheth- 
er outgoing messages must be encrypted and/or signed, 
and whether copies of all secure messages sent from 
mobile device 100 are to be sent to a pre-defined copy 
address, for example. 

[0050] Message management server 272 may also be 
adapted to provide other control functions, such as only 



pushing certain message infomnation or pre-defined por- 
tions (e.g. "blocks") of a message stored on message 
server 268 to mobile device 100. For example, when a 
message is initially retrieved by mobile device 1 00 from 

5 message server 268, message management server 272 
is adapted to push only the first part of a message to 
mobile device 100, with the part being of a pre-defined 
size (e.g. 2 KB). The user can then request more of the 
message, to be delivered in similar-sized blocks by mes- 

^0 sage management server 272 to mobile device 1 00, pos- 
sibly up to a maximum pre-defined message size. 
[0051 ] Accordingly, message management server272 
facilitates better control over the type of data and the 
amount of data that is communicated to mobile device 

15 1 00, and can help to minimize potential waste of band- 
width or other resources. 

[0052] It will be understood by persons skilled in the 
art that message management server 272 need not be 
implemented on a separate physical server in LAN 250 

20 or other network. For example, some or all of the func- 
tions associated with message management server 272 
may be integrated with message server 268, or some 
other server in LAN 250. Furthermore, l_AN 250 may 
comprise multiple message management servers 272, 

25 particularly in variant implementations where a large 
number of mobile devices need to be supported. 
[0053] Embodiments of the invention relate generally 
to the processing of encoded messages, such as e-mail 
messages that are encrypted and/or signed. While Sim- 

30 pie Mail Transfer Protocol (SMTP), RFC822 headers, 
and Multipurpose Internet Mail Extensions (MIME) body 
parts may be used to define the format of a typical e-mail 
message not requiring encoding, Secure/MIME (8/ 
MIME), aversion of the MIME protocol, may be used in 

35 the communication of encoded messages (i.e. in secure 
messaging applications). S/MIME enables end-to-end 
authentication and confidentiality, and protects data in- 
tegrity and privacy from the time an originator of a mes- 
sage sends a message until it is decoded and read by 

40 the message recipient. Other known standards and pro- 
tocols may be employed to facilitate secure message 
communication, such as Pretty Good Privacy™ (PGP), 
Open PGP, and others known in the art. 
[0054] Secure messaging protocols such as S/MIME 

45 rely on public and private encryption keys to provide con- 
fidentiality and integrity, and on a Public Key Infrastruc- 
ture (PKI) to communicate information that provides au- 
thentication and authorization. Data encrypted using a 
private key of a private key/public key pair can only be 

50 decrypted using the corresponding public key of the pair, 
and vice-versa. Private key information is never made 
public, whereas public key information is shared. 
[0055] For example, if a sender wishes to send a mes- 
sage to a recipient in encrypted form, the recipient's pub- 

55 lie key is used to encrypt a message, which can then be 
decrypted only using the recipient's private key. Alterna- 
tively, in some encoding techniques, a one-time session 
key is generated and used to encrypt the body of a mes- 



8 



15 



EP 1 633 100 A1 



16 



sage, typically with a symmetric encryption technique 
(e.g. Triple DES). The session l<ey is then encrypted us- 
ing the recipient's public key (e.g. with a public key en- 
cryption algorithm such as RSA), which can then be de- 
crypted only using the recipient's private key. The de- 
crypted session key can then be used to decrypt the mes- 
sage body. The message header may be used to specify 
the particular encryption scheme that must be used to 
decrypt the message. Other encryption techniques 
based on public key cryptography may be used in variant 
implementations. However, in each of these cases, only 
the recipient's private key may be used to facilitate de- 
cryption of the message, and in this way, the confidenti- 
ality of messages can be maintained. 
[0056] As a further example, a sender may sign a mes- 
sage using a digital signature. A digital signature is a 
digest of the message (e.g. a hash of the message) en- 
crypted using the sender's private key, which can then 
be appended to the outgoing message. To verify the sig- 
nature of the message when received, the recipient uses 
the same technique as the sender (e.g. using the same 
standard hash algorithm) to obtain a digest of the re- 
ceived message. The recipient also uses the sender's 
public key to decrypt the digital signature, in order to ob- 
tain what should be a matching digest for the received 
message. If the digests of the received message do not 
match, this suggests that eitherthe message content was 
changed during transport and/or the message did not 
originate from the sender whose public key was used for 
verification. By verifying a digital signature in this way, 
authentication of the sender and message integrity can 
be maintained. 

[0057] An encoded message may be encrypted, 
signed, or both encrypted and signed. The authenticity 
of public keys used in these operations is validated using 

certificates. A certificate is a digital document Issued by 
a certificate authority (CA). Certificates are used to au- 
thenticate the association between users and their public 
keys, and essentially, provides a level of trust in the au- 
thenticity of the users' public keys. Certificates contain 
information about the certificate holder, with certificate 
contents typically formatted in accordance with an ac- 
cepted standard (e.g. X.509). 

[0058] Consider FIG. 5, in which an example certificate 
chain 300 is shown. Certificate 310 issued to "John 
Smith" is an example of a certificate issued to an individ- 
ual, which may be referred to as an end entity certificate. 
End entity certificate 31 0 typically identifies the certificate 
holder31 2 (i.e. John Smith Inthis example) andthe issuer 
of the certificate 314, and Includes a digital signature of 
the issuer 31 6 and the certificate holder's public key 31 8. 
CertificateSIO will also typically include other information 
and attributes that identify the certificate holder (e.g. 
e-mail address, organization name, organizational unit 
name, location, etc.). When the individual composes a 
message to be sent to a recipient, it Is customary to in- 
clude that individual's certificate 300 with the message. 
[0059] For a public key to be trusted, its issuing organ- 



ization must be trusted. The relationship between a trust- 
ed CA and a user's public key can be represented by a 
series of related certificates, also referred to as a certif- 
icate chain. The certificate chain can be followed to de- 

5 termine the validity of a certificate. 

[0060] For instance, in the example certificate chain 
300 shown in FIG. 5, the recipient of a message purported 
to be sent by John Smith may wish to verify the trust 
status of certificate 310 attached to the received mes- 

^0 sage. To verify the trust status of certificate 310 on a 
recipient's computing device (e.g. computer 262a of FIG. 
4) for example, the certificate 320 of issuer ABC is ob- 
tained, and used to verify that certificate 310 was Indeed 
signed by issuer ABC. Certificate 320 may already be 

15 stored in a certificate store on the computing device, or 
it may need to be retrieved from a certificate source (e.g. 
LDAP server 284 of FIG. 4 orsome other public or private 
LDAP server). If certificate 320 is already stored in the 
recipient's computing device and the certificate has been 

20 designated as trusted by the recipient, then certificate 
31 0 is considered to be trusted since it chains to a stored, 
trusted certificate. 

[0061] However, in the example shown in FIG. 5, cer- 
tificate 330 is also required to verify the trust of certificate 

25 310. Certificate 330 is self-signed, and is referred to as 
a "root certificate". Accordingly, certificate 320 may be 
referred to as an "intermediate certificate" in certificate 
chain 300; any given certificate chain to a root certificate, 
assuming achain to the root certificate can be determined 

30 for a particular end entity certificate, may contain zero, 
one, ormultiple intermediate certificates. If certificate 330 
is a root certificate issued by a trusted source (from a 
large certificate authority such as Verisign or Entrust, for 
example), then certificate 310 may be considered to be 

35 trusted since it chains to a trusted certificate. The impli- 
cation is that both the sender and the recipient of the 
message trust the source of the root certificate 330. If a 
certificate cannot be chained to a trusted certificate, the 
certificate may be considered to be "not trusted". 

40 [0062] Certificate servers store information about cer- 
tificates and lists identifying certificates that have been 
revoked. These certificate servers can be accessed to 
obtain certificates and to verify certificate authenticity and 
revocation status. For example, a Lightweight Directory 

45 Access Protocol (LDAP) server may be used to obtain 
certificates, and an Online Certificate Status Protocol 
(OCSP) server may be used to verify certificate revoca- 
tion status. 

[0063] Standard e-mail security protocols typically fa- 
50 cllltate secure message transmission between non-mo- 
bile computing devices (e.g. computers 262a, 262b of 
FIG. 4; remote desktop devices). Referring again to FIG. 
4, in order that signed messages received from senders 
may be read from mobile device 1 00 and encrypted mes- 
55 sages be sent to those senders, mobile device 1 00 is 
adapted to store certificates and associated public keys 
of other individuals. Certificates stored on a user's com- 
puter 262a will typically be downloaded from computer 
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262a to mobile device 1 00 tlirougli cradle 264, for exam- 
ple. 

[0064] Certificates stored on computer 262a and 
downloaded to mobile device 100 are not limited to cer- 
tificates associated with individuals but may also include 
certificates issued to CAs, for example. Certain certifi- 
cates stored in computer 262a and/or mobile device 1 00 
can also be explicitly designated as "trusted" by the user. 
Accordingly, when a certificate is received by a user on 
mobile device 100, it can be verified on mobile device 
1 00 by matching the certificate with one stored on mobile 
device 100 and designated as trusted, or otherwise de- 
termined to be chained to a trusted certificate. 
[0065] Mobile device 1 00 may also be adapted to store 
the private key of the public key/private key pair associ- 
ated with the user, so that the user of mobile device 1 00 
can sign outgoing messages composed on mobile device 
100, and decrypt messages sent to the user encrypted 
with the user's public key. The private key may be down- 
loaded to mobile device 100 from the user's computer 
262a through cradle 264, for example. The private key 
is preferably exchanged between the computer262a and 
mobile device 1 00 so that the user may share one identity 
and one method for accessing messages. 
[0066] User computers 262a, 262b can obtain certifi- 
cates from a number of sources, for storage on comput- 
ers 262a, 262b and/or mobile devices (e.g. mobile device 
1 00). These certificate sources may be private (e.g. ded- 
icated for use within an organization) or public, may re- 
side locally or remotely, and may be accessible from with- 
in an organization's private network orthrough the Inter- 
net, for example. In the example shown in FIG. 4, multiple 
PKI servers 280 associated with the organization reside 
on LAN 250. PKI servers 280 include a CA server 282 
for issuing certificates, an LDAP server 284 used to 
search for and download certificates (e.g. for individuals 
within the organization), and an OCSP server 286 used 
to verify the revocation status of certificates. 
[0067] Certificates may be retrieved from LDAP server 
284 by a user computer 262a, for example, to be down- 
loaded to mobile device 1 00 via cradle 264. However, in 
a variant implementation, LDAP server 284 may be ac- 
cessed directly (i.e. "overthe air" in this context) by mobile 
device 100, and mobile device 100 may search for and 
retrieve individual certificates through a mobile data serv- 
er288. Similarly, mobile data server288 may be adapted 
to allow mobile device 1 00 to directly query OCSP server 
286 to verify the revocation status of certificates. 
[0068] It will be understood by persons skilled in the 
art that mobile data server 288 need not physically reside 
on a separate computing device from the other compo- 
nents of LAN 250, and that mobile data server 288 may 
be provided on the same computing device as another 
component of LAN 250 in variant implementations. Fur- 
thermore, the functions of mobile data server 288 may 
be integrated with the functions of another component in 
LAN 250 (e.g. message management server 272) in var- 
iant implementations. 



[0069] In variant implementations, only selected PKI 
servers 280 may be made accessible to mobile devices 
(e.g. allowing certificates to be downloaded only from a 
user's computer 262a, 262b, while allowing the revoca- 
5 tion status of certificates to be checked from mobile de- 
vice 100). 

[0070] I n variant implementations, certain PKI servers 
280 may be made accessible only to mobile devices reg- 
istered to particular users, as specified by an IT admin- 
istrator, possibly in accordance with an IT policy, for ex- 
ample. 

[0071] Other sources of certificates [not shown] may 
include a Windows certificate store, another secure cer- 
tificate store on or outside LAN 250, and smart cards, for 
example. 

[0072] Referring now to FIG. 6, a block diagram illus- 
trating components of an example of an encoded mes- 
sage, as may be received by a message server (e.g. 
message server 268 of FIG. 4), is shown generally as 
350. Encoded message 350 typically includes one or 
more of the following: a header portion 352, an encoded 
body portion 354, optionally one or more encoded attach- 
ments 356, one or more encrypted session keys 358, 
and signature and signature-related information 360. For 
example, header portion 352 typically includes address- 
ing information such as "To", "From", and "CC" address- 
es, and may also include message length indicators, and 
sender encryption and signature scheme identifiers, for 
example. Actual message content normally includes a 
message body or data portion 354 and possibly one or 
more attachments 356, which may be encrypted by the 
sender using a session key. If a session key was used, 
it is typically encrypted for each intended recipient using 
the respective public key for each recipient, and included 
in the message at 358. If the message was signed, a 
signature and signature-related Information 360 are also 
included. This may include the sender's certificate, for 
example. 

[0073] The format for an encoded message as shown 
in FIG. 6 is provided by way of example only, and persons 
skilled in the art will understand that embodiments of the 
invention will be applicable to encoded messages of oth- 
er fonnats. Depending on the specific messaging 
scheme used, components of an encoded message may 
appear in a different order than shown in FIG. 6, and an 
encoded message may include fewer, additional, or dif- 
ferent components, which may depend on whether the 
encoded message is encrypted, signed or both. 
[0074] Embodiments of the invention are generally di- 
rected to a system and method for searching and retriev- 
ing certificates. In one embodiment, a certificate search 
application residing and executing on a mobile device 
(e.g. mobile device 1 00 of FIG. 4) is programmed to ini- 
tiate certificate searches on one or more certificate serv- 
ers (e.g. LDAP server284 of FIG. 4). In this embodiment, 
the mobile device searches for and retrieves certificates 
from a certificate server through an intermediate com- 
puting device (e.g. mobile data server 288 of FIG. 4). 
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[0Q75] With reference to FIG. 4, consider an example 
implementation where a certificate search application on 
mobile device ICQ searches for and retrieves individual 
certificates from LDAP server 284 through mobile data 
server 288. Asearch request is received by the certificate 
search application, typically from a user who provides a 
first name, last name, and e-mail address of an individual 
for whom the user wishes to locate a certificate. Certain 
search requests may also be made broader, by con- 
structing search q u e ries wh ere i np uttin g on ly a few lette rs 
of a name will return all certificates issued with a name 
containing those letters as a prefix, or by otherwise using 
wild cards or blank entries in input fields to expand a 
search, for example. The search request is then commu- 
nicated from mobile device 100 to mobile data server 
288, which then queries LDAP server 284 forthe request- 
ed certificate (s). In this example implementation, located 
certificates are retrieved by the mobile data server 288, 
and specific search result data relating to each retrieved 
certificate, such as the common name and e-mail ad- 
dress of the individual (or entity) to which the respective 
certificate is issued, is communicated to the mobile de- 
vice 1 00 so that a list can be generated from the search 
result data for display to the user. The user can then 
select specific certificates for downloading to and storage 
on mobile device 100 from the list. The selections are 
then communicated to mobile data server 288, from 
which the selected certificates are downloaded to mobile 
device 100. 

[0076] When a user of mobile device 100 receives a 
signed message from a sender, the certificate of the 
sender is required in order to verify the integrity of the 
message and authenticate the identity of the sender. This 
certificate may also be referred to herein In the specifi- 
cation and in the claims as a "sender certificate" or "send- 
er's certificate". Consider the situation where only a part 
of the received message has been downloaded to mobile 
device 100, for viewing by a user through a messaging 
application executing and residing on mobile device 1 00. 
The part of the message received likely includes header 
information (e.g. header 352 of FIG. 6) from which at 
least the sender's e-mail address can typically be ob- 
tained. However, the part of the message received by 
mobile device 100 might not include the sender's certif- 
icate or identifiers thatcan be usedto identify the requisite 
certificate, since such signature-related information is 
typically attached near the end of a message (see e.g., 
signature and signature-related information 360 of FIG. 
6). 

[0077] The certificate search application on mobile de- 
vice 100 can be activated (e.g. by the user selecting an 
appropriate menu option made accessible when the mes- 
sage is being viewed) to download the sender's certifi- 
cate. Since the sender's e-mail address can be obtained 
from the downloaded header information, the certificate 
search application can automatically initiate a search for 
certificates having a matching e-mail address, on one or 
more certificate servers (e.g. LDAP server 284) through 



the mobile data server 288. In particular, where the mes- 
sage is not accompanied by the sender's certificate, the 
certificate may need to be retrieved from a certificate 
server by the certificate search application. 
5 [0078] However, multiple certificates matching the 
specified e-mail address may be located by the search. 
In prior art systems, if the part of the message containing 
the necessary information to correctly identify the requi- 
site certificate associated with that message was not 
^0 downloaded to mobile device 1 00, the user may not be 
able to select the correct certificate from a list identifying 
the multiple certificates located in the search with cer- 
tainty. The user would then have to guess at the correct 
certificate, or download all the located certificates for stor- 
es age on the mobile device, which consumes time and 
bandwidth. Similar problems may arise where data other 
than an e-mail address is retrieved from a message and 
used to perform a certificate search. 
[0079] Accordingly, embodiments of the invention re- 
20 late generally to methods that can facilitate a determina- 
tion of the certificate associated with a message, from a 
plurality of certificates located in a search of one or more 
certificate servers, even where a message has not been 
downloaded in its entirety to a uset^s computing device 
25 (e.g. mobile device). 

[0080] Referring to FIG. 7A, a flowchart illustrating 
steps in a method of searching and retrieving certificates 
in an embodiment of the invention is shown generally as 
400. 

30 [0081 ] At step 41 0, a message addressed to the user 
of a computing device (e.g. mobile device 100 of FIG. 4) 
is received at a message server (e.g. message server 
268 of FIG. 4). In one example implementation, a mes- 
sage management server (e.g. message management 

35 server 272 of FIG. 4) pushes a first part of the received 
message stored on the message server to a mobile de- 
vice. The message management server can deliver fur- 
ther parts of the received message at the request of the 
user, possibly up to a maximum pre-defined message 

40 size. The message parts delivered to the mobile device 
will generally include header information (e.g. header352 
of FIG. 6), which is typically provided at the beginning of 
a message. 

[0082] In embodiments of the invention, the message 
45 management server adds certificate identification data 
to the delivered message parts (e.g. to the header of the 
message). If a certif icate accompanies the received mes- 
sage, then the message management server can proc- 
ess the certificate to generate the certificate identification 
50 data. In one embodiment, the message management 
server applies a hash algorithm to hash at least a part of 
the certificate. The hash is then used as the certificate 
identification data to be added to the message parts (e.g. 
header) being delivered to the mobile device. In one im- 
55 plementation, the entire certificate is hashed to generate 
the hash. However in variant implementations, one or 
more specific parts or fields of a certificate may be hashed 
to generate the hash, although the likelihood that the 
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hash will uniquely and correctly identify an identical cer- 
tificate nnay be decreased depending on the parts or fields 
hashed. 

[0083] In another embodiment, the message manage- 
ment server processes the certificate accompanying the 
received message, by parsing the certificate to identify 
the serial number and issuer of the certificate. This serial 
number and issuer data is then used as the certificate 
identification data to be added to the message parts (e.g. 
header) being delivered to the mobile device. 
[0084] Similarly, where the sender's certificate does 
not accompany the received message, the message 
management server may parse the signature-related in- 
formation In the message to retrieve data that identifies 
the sendei^s certificate associated with the message, 
such as the serial number and issuer of the certificate 
used to sign the message, for example. This data is then 
used as the certificate identification data to be added to 
the message parts (e.g. header) being delivered to the 
mobile device. 

[0085] In some applications, use of the serial number 
and issuer data from a certificate as certificate identifica- 
tion data might be considered to be less secure, when 
compared to the use of a hash of an actual certificate 
(which certificate can be validated as described with ref- 
erence to FIG. 5), since the serial number and issuer 
data may be easier to forge. However, use of either type 
of certificate identification data may be useful in variant 
implementations, depending on the level of security de- 
sired. 

[0086] The generated certificate identification data can 
be used to uniquely identify the sender's certificate as- 
sociated with the received message. This may be partic- 
ularly useful when the actual signature and signature-re- 
lated information of the received message (e.g. signature 
and signature-related information 360 of FIG. 6) has not 
been delivered to the mobile device. 
[0087] At step 420, a messaging application residing 
and executing on the mobile device receives one or more 
parts of the received message, which includes the cer- 
tificate identification data, from the message manage- 
ment server. Additional parts of the received message 
may be retrieved from the message management server 
in response to a user request. 

[0088] Optionally, at step 430, the messaging applica- 
tion can use the certificate identification data received 
from the message management server to determine 
whether the certificate associated with the received mes- 
sage is already stored on the mobile device in one or 
more designated certificate stores thereof. A correspond- 
ing indication of whether or not the certificate is already 
stored may be provided with the message part(s) being 
displayed, or alongside an entry where the message is 
identified in a list of messages received by the user, for 
example. 

[0089] For example, in an embodiment where the cer- 
tificate identification data comprises a hash, at step 430, 
the messaging application generates a hash for each cer- 



tificate stored on the mobile device in one or more des- 
ignated certificate stores thereof, and compares each 
generated hash to the hash provided as certificate iden- 
tification data, in order to determine whether the certifi- 
5 cate is already stored on the mobile device. The same 
hash algorithm employed at step 410 is applied at this 
step (to the same parts or fields of the stored certificates 
if the entire certificates are not hashed) in generating the 
hashes of the stored certificates. Accordingly, if a gen- 
^0 erated hash of a given store certificate matches the hash 
received from the message management server, then a 
match is deemed to have been determined. 
[0090] Alternatively, in an embodiment where the cer- 
tificate identification data comprises serial number and 
15 issuer data, at step 430, the messaging application com- 
pares the serial number and issuer data associated with 
each certificate stored on the mobile device in one or 
more designated certificate stores thereof to the serial 
number and issuer data provided as certificate identifi- 
20 cation data, in order to determine whether the certificate 
is already stored on the mobile device. 
[0091] In variant implementations, step 430 may be 
performed by an application residing and executing on 
the mobile device other than the messaging application 
25 (e.g. by a certificate search application). 

[0092] At step 440, a search request for the certificate 
is made by a certificate search application residing and 
executing on the mobile device. For example, the search 
request may be initiated by a user, who selects a menu 
30 option provided by the messaging application that acti- 
vates the certificate search application. Alternatively, the 
messaging application or some other application on the 
mobile device may automatically activate the certificate 
search application, upon receiving a message forexam- 
35 pie, and possibly after determining that the certificate is 
not already stored on the mobile device at step 430. 
[0093] In requesting a certificate search at step 440, 
the certificate search application transmits the search re- 
quest to at least one certificate server (e.g. LDAP server 
40 284 of FIG. 4) through a mobile data server (e.g. mobile 
data server 288 of FIG. 4) in one example implementa- 
tion. The search request comprises data that typically 
includes an e-mail address, and possibly at least one 
name associated with the sender of the received mes- 
45 sage. However, it will be understood by persons skilled 
in the art that a variety of search queries may be con- 
structed without departing from the scope of the inven- 
tion. 

[0094] At step 450, the mobile data sen/er queries the 
50 at least one certificate server for certificates satisfying 
the search request that was made at step 440 by the 
certificate search application of the mobile device. Cer- 
tificates located as a result of the search query are re- 
trieved from the at least one certificate server by the mo- 
55 bile data server. 

[0095] At step 460, the located certificates are down- 
loaded to the mobile device from the mobile data server. 
The downloaded certificates are typically stored tempo- 
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rarily on the mobile device to undergo further processing. 
[0096] At step 470, the located certificates download- 
ed to the mobile device at step 460 are processed by the 
certificate search application, to determine which located 
certificate, if any, matches the certificate associated with 
the received message, as identified by the certificate 
identification data accompanying the received message. 
[0097] In an embodiment where the certificate identi- 
fication data comprises a hash, the certificate search ap- 
plication generates a hash for each located certificate, 
and compares each generated hash to the hash provided 
as certificate identification data, In order to determine the 
proper match. The same hash algorithm employed at 
step 41 0 is applied at this step (to the same parts or fields 
of the stored certificates if the entire certificates are not 
hashed) in generating the hashes of the stored certifi- 
cates. Accordingly, if a generated hash of a given located 
certificate matches the hash provided as certificate iden- 
tification data, then a match is deemed to have been de- 
termined. 

[0098] Alternatively, in an embodiment where the cer- 
tificate Identification data comprises serial number and 
issuer data, the certificate search application compares 
the serial number and issuer data associated with each 
located certificate to the serial number and issuer data 
provided as certificate Identification data, in order to de- 
termine the proper match. 

[0099] Optionally, at step 480, a list identifying the lo- 
cated certificates downloaded at step 460 may be dis- 
played to a user, with an indicator or other highlighting 
technique used to identify the matching certificate in the 
list. The user may then be prompted to select the match- 
ing certificate (and possibly other located certificates) to 
be stored in a certificate store on the mobile device for 
future use. 

[0100] At step 490, the matching certificate Is stored 
in a certificate store on the mobile device. In one embod- 
iment, this step may be performed automatically by the 
certificate search application, without prompting a user 
for its selection at step 480. 

[0101] In a variant embodiment, the matching certifi- 
cate may also be validated [step not shown], to verify its 
trust status for example, before or after storage. 
[0102] Referring nowto FIG. 7B, a flowchart illustrating 
steps in a method of searching and retrieving certificates 
in another embodiment of the invention is shown gener- 
ally as 400b. Method 400b is similar to method 400, ex- 
cept that the certificate search application may pass the 
certificate identification data to the mobile data server 
(e.g. with the search request), so that the mobile data 
server can return only the matching certificate to the mo- 
bile device, instead of all of the certificates located in the 
search. 

[0103] Specifically, at step 440, the certificate identifi- 
cation data initially received at the mobile device from 
the message managementsefver Is forwarded to the mo- 
bile data server with the search request, in this embodi- 
ment of the invention. 



[01 04] At step 460b, the mobile data server processes 
the located certificates to determine which located cer- 
tificate matches the certificate associated with the re- 
ceived message, as identified by the certificate identifi- 
5 cation data received at the mobile data server from the 
mobile device at step 440. Only the matching certificate 
is then downloaded to the mobile device at this step, for 
subsequent storage In a certificate store on the mobile 
device at step 490. The user may be prompted for per- 
mission to save the matching certificate before storage 
[step not shown]. 

[0105] Details pertaining to the remaining steps shown 
in FIG. 7B are provided with reference to FIG. 7A. 
[0106] In variant embodiments of the invention, other 
data that can be used to uniquely identify a certificate 
can be employed as certificate identification data. 
[0107] In a variant embodiment of the Invention, locat- 
ed certificates may be retrieved from one or more certif- 
icate servers and downloaded to a mobile device without 
being transmitted via a mobile data server or other inter- 
mediate computing device. 

[0108] Embodiments of the invention have been de- 
scribed above with reference to a mobile device. How- 
ever, some embodiments may also be applied to a device 
that is adapted to receive encoded messages other than 
a mobile device. 

[0109] The steps of a method of searching and retriev- 
ing certificates in embodiments of the invention may be 
provided as executable software instructions stored on 
computer-readable media, which may include transmis- 
sion-type media. 

[0110] The invention has been described with regard 
to a number of embodiments. However, it will be under- 
stood by persons skilled in the art that other variants and 
modifications may be made without departing from the 
scope of the invention as defined in the claims appended 
hereto. 



Claims 

1 . A method of searching and retrieving certificates re- 
lating to a message received by a userfrom a sender, 
the message comprising data identifying a sender 
certificate associated therewith, wherein the method 
comprises the steps of: 

at a computing device receiving certificate iden- 
tification data for the sender certificate generat- 
ed from the data in the received message Iden- 
tifying the sender certificate, wherein the certif- 
icate identification data uniquely identifies the 
sender certificate; 

performing a search to locate certificates stored 
on the computing device or a server; and 
processing each located certificate using the 
certificate identification data to determine if the 
certificate being processed is the sender certif- 
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icate associated with the received message. 

2. The method of claim 1 wherein it comprises the steps 
of: 

a) receiving at least a part of the message and 
certificate identification data at the computing 
device; 

b) providing a certificate search request for cer- 
tificates associated with the sender; 

c) performing a search on one or more certificate 
servers, wherein at least one query is submitted 
to the one or more certificate servers to request 
retrieval of located certificates satisfying the cer- 
tificate search request; 

d) retrieving at least one located certificate from 
the one or more certificate servers; 

e) processing each located certificate retrieved 
at step d), using the certificate identification da- 
ta, to determine if the respective located certifi- 
cate is the sender certificate associated with the 
message; and 

f) storing a located certificate on the computing 
device, if the located certificate is the sender cer- 
tificate associated with the message as deter- 
mined at step e]. 

3. The method of claim 2, wherein the computing de- 
vice is a mobile device. 

4. The method of claim 3, wherein steps c) and d) are 
performed at a second computing device coupled to 
the mobile device. 

5. The method of claim 4, wherein the second comput- 
ing device is a mobile data server. 

6. The method of claim 4 or claim 5, wherein step e) is 
also perFomned at the second computing device, and 
wherein the method further comprises the step of 
downloading the located certificate of step f) to the 
mobile device from the second computing device. 

7. The method of claim 4 or claim 5, wherein step e) is 
performed at the mobile device, and wherein the 
method further comprises the step of downloading 
the located certificates retrieved at step d) to the mo- 
bile device from the second computing device. 

8. The method of any one of claims 2 to 7, further com- 
prising displaying a list of located certificates re- 
trieved at step d) to a user on the computing device, 
wherein the list indicates which certificate, if any, is 
the sender certificate associated with the message 
as determined at step e). 

9. The method of claim 8, further comprising receiving 
one or more user selections of certificates from the 



list, and storing selected certificates in a certificate 
store on the computing device. 

1 0. The method of any one of claims 2 to 9, further com- 
5 prising the step of detennining whether the sender 

certificate is stored on the computing device prior to 
step b). 

11. The method of claim 1, wherein it comprises the 
^0 steps of: 

receiving the certificate identification data at the 
computing device; and 

determining whether the sender certificate is 
15 stored on the computing device, by generating 

certificate identification data associated with 
each of a plurality of certificates stored on the 
computing device, and comparing generated 
certificate identification data for each of the plu- 
20 rality of stored certificates to the certificate iden- 

tification data generated for the sender certifi- 
cate to identify a stored certificate matching the 
sender certificate. 

25 12, The method of any one of claims 2 to 11, wherein 

the certificate identification data for a certificate in- 
cludesaserial numberand issuer data forthe sender 
certificate; 

wherein each located certificate is parsed to obtain 
30 the respective serial number and issuer data for the 
certificate, and wherein the obtained serial number 
and issuer data is compared to the certificate iden- 
tification data. 

35 13, The method of any one of claims 2 to 11, wherein 
the certificate identification data for a certificate in- 
cludes a hash of at least a part of the sender certif- 
icate; wherein each located certificate has a hash 
algorithm applied thereto to obtain the respective 
40 hash for the certificate; and wherein the respective 
hash is compared to the certificate identification da- 
ta. 

1 4, A system for searching and retrieving certificates re- 
45 lating to a message received by a user from a sender, 
the message comprising data identifying a sender 
certificate associated therewith, the system compris- 
ing: 

50 a message management server adapted to gen- 

erate certificate identification data from the mes- 
sage, wherein the certificate identification data 
uniquely identifies the sender certificate; 
a mobile device adapted to receive at least a 
55 part of the message, and the certificate identifi- 

cation data, from the message management 
server; and 

a mobile data server adapted to receive a search 
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request from the mobile device for certificates 
associated with the sender, perform a search on 
one or more certificate servers by querying the 
one or more certificate sen/ers for located cer- 
tificates satisfying the search request, and re- 
trieve located certificates from the one or more 
certificate servers; 

wherein at least one of the mobile device and the 
mobile data server is further adapted to process each 
located certificate retrieved at the mobile data server 
to determine, using the certification identification da- 
ta, if the respective located certificate is the sender 
certificate associated with the message; and 
wherein the mobile device provides one or more cer- 
tificate stores to store a located certificate deter- 
mined to be the sender certificate associated with 
the message. 

1 5. A software application for execution on a computing 
device, the application comprising a plurality of in- 
structions stored on a computer-readable medium, 
the instructions for performing the steps of the meth- 
od as claimed in any of claims 1 to 13. 



Amended claims in accordance witli Rule 86(2) EPC. 

1. A method of searching and retrieving certificates 
relating to a message received at a user's computing 
device (100) from a sender's computing device 
(262b), the message comprising data identifying a 
sender certificate associated therewith, wherein the 
method comprises the steps of: 

at the user's computing device (1 00) or a second 
computing device (262a, 272, 288) coupled to 
the user's computing device (1 00) receiving cer- 
tificate identification data for the sender certifi- 
cate generated from data in the received mes- 
sage identifying the sender certificate, wherein 
the certificate identification data uniquely iden- 
tifies the sender certificate; 
performing a search to locate certificates stored 
on the computing device (100) and/or a server 
(284); and 

processing each located certificate using the 
certificate identification data to detemiine if the 
certificate being processed is the sender certif- 
icate associated with the received message. 

2. The method of claim 1 wherein it comprises the 
steps of: 

receiving at least a part of the message and cer- 
tificate identification data at the user's comput- 
ing device (1 00); 

providing a certificate search request for certif- 



icates associated with the sender; 
performing a search on one or more certificate 
servers (284), wherein at least one query is sub- 
mitted to the one or more certificate servers to 

5 req uest retrieval of located certificates satisfy! ng 

the certificate search request; 
retrieving at least one located certificate from 
the one or more certificate servers; 
processing each retrieved located certificate us- 

^0 ing the certificate identification data to determine 

if the respective certificate is the sender certifi- 
cate associated with the message; and 
storing a located certificate on the user's com- 
puting device, if the located certificate is deter- 

15 mined to be the sender certificate associated 

with the message. 

3. The method of claim 1 or claim 2, wherein the 
user's computing device is a mobile device (100). 

20 

4. The method of claim 3, wherein the steps of per- 
forming a search on one or more certificate servers 
(284), and retrieving at least one located certificate 
from the one or more certificate servers are per- 

25 fomned at the second computing device (262a, 272, 
288) coupled to the mobile device (100). 

5. The method of claim 4, wherein the second com- 
puting device is a mobile data server (288). 

30 

6. The method of claim 4 or claim 5, wherein the step 
of processing each retrieved located certificate using 
the certificate identification data to determine if the 
respective certificate is the sender certificate asso- 

35 ciated with the message is also performed at the 
second computing device (262a, 272, 288), and 
wherein the method further comprises the step of 
downloading the located certificate detennined to be 
the sender certificate associated with the message 

40 to the mobile device (1 00) from the second comput- 
ing device. 

7. The method of claim 4 or claim 5, wherein the step 

of processing each retrieved located certificate using 
45 the certificate identification data to determine if the 
respective certificate is the sender certificate asso- 
ciated with the message is performed at the mobile 
device (100), and wherein the method further com- 
prises the step of downloading the located certifi- 
50 cates retrieved from the one or more certificate serv- 
ers (284) to the mobile device (1 00) from the second 
computing device (262a, 272, 288). 

8. The method of any one of claims 2 to 7, further 
55 comprising displaying a list of located certificates re- 
trieved from the one or more certificate servers (284) 
to a user on the user's computing device (100), 
wherein the list indicates which certificate, if any, is 
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the located certificate determined to be the sender 
certificate associated with the message. 

9. The method of claim 8, further comprising receiv- 
ing one or more user selections of certificates from 5 
the list, and storing selected certificates in a certifi- 
cate store on the computing device (1 00). 

10. The method of any one of claims 2 to 9, further 
comprising the step of determining whether the 
sender certificate is stored on the computing device 
(100) prior to providing a certificate search request 
for certificates associated with the sender. 

1 1 . The method of claim 1 , wherein it comprises the i5 
steps of: 

receiving the certificate identification data at the 
user's computing device (100); and 
determining whether the sender certificate is 20 
stored on the user's computing device (100) by 
generating certificate identification data associ- 
ated with each of a plurality of certificates stored 
on the computing device, and comparing the 
generated certificate identification data for each 25 
of the plurality of stored certificates to the certif- 
icate identification data received at the user's 
computing device (1 00) to identify a stored cer- 
tificate matching the sender certificate. 

30 

1 2. The method of any one of claims 2 to 1 1 , wherein 
the certificate identification data for a certificate in- 
cludes a serial numberand issuerdataforthe sender 
certificate; 

wherein each located certificate is parsed to obtain 35 
the respective serial number and issuer data for the 
certificate, and wherein the obtained serial number 
and issuer data is compared to the certificate iden- 
tification data. 

40 

1 3. The method of any one of claims 2 to 1 1 , wherein 
the certificate identification data for a certificate in- 
cludes a hash of at least a part of the sender certif- 
icate; wherein each located certificate has a hash 
algorithm applied thereto to obtain the respective 45 
hash for the certificate; and wherein the respective 
hash is compared to the certificate identification da- 
ta. 

1 4. A system (1 00, 200, 250) for searching and re- 50 
trieving certificates relating to a message received 
by a user's computing device (100) from a sender's 
computing device (262b), the message comprising 
data identifying a sender certificate associated 
therewith, the system comprising: 



the message, wherein the certificate identifica- 
tion data uniquely identifies the sender certifi- 
cate; 

the user's computing device comprising a mo- 
bile device (100) adapted to receive at least a 
part of the message, and the certificate identifi- 
cation data, from the message management 

server (272); and 

a mobile data server (288) adapted to receive a 
search request from the user's mobile device 
(1 00) for certificates associated with the sender, 
perform a search on one or more certificate serv- 
ers (284) by querying the one or more certificate 
servers for located certificates satisfying the 
search request, and retrieve located 
certificates from the one or more certificate serv- 
ers; 

wherein at least one of the mobile device (1 00) and 
the mobile data server (288) is further adapted to 

process each located certificate retrieved at the mo- 
bile data server (288) to determine, using the certi- 
fication identification data, if the respective located 
certificate is the sender certificate associated with 
the message; and 

wherein the mobile device (100) Is arranged to pro- 
vide one or more certificate stores to store a located 
certificate determined to be the sender certificate as- 
sociated with the message. 

15. A software application for execution on a user's 
computing device (100), the application comprising 
program instruction means stored on a compu- 
ter-readable medium, the instruction means when 
being executed causing the user's computing device 
(1 00) to perform the steps of the method as claimed 
in any one of claims 1 to 13. 
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a message management server (272) adapted 
to generate certificate identification data from 
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